Electronic apparatus and medium

ABSTRACT

Recording of peripheral image information by an electronic apparatus is designed to be conducted only at a time when an illegal use of the apparatus is determined, whereby the consumption of the resource for the apparatus is reduced, thereby making it possible to simplify the recording.  
     The electronic apparatus comprises a first memory storing therein a parameter representing at least conditions for the illegal use of the apparatus and a control unit for storing in a second memory image information by a photographing device which has photographed the user of the apparatus when the conditions represented by the parameter are established. The control unit controls the output of the image information stored in the second memory through an output direction and directs a BIOS setup program to read out the parameter in the first memory and record the image information into the second memory. Furthermore, the control unit directs an operating system or an application program running on the apparatus to set and alter the parameter in the first memory via an interface prepared in the BIOS program.

BACKGROUND OF THE INVENTION

[0001] 1. Field of the Invention

[0002] The present invention relates to an electronic apparatus foridentifying a user in the event that the user who is not authorized todo so gains access to the apparatus and a medium having a programtherefore recorded thereon, and in particular to an electronic apparatusfor recording as an image the peripheral status of a system while thesystem is in operation and a medium having a program therefore recordedthereon.

[0003] 2. Description of the Related Art

[0004] A protection mechanism against illegal usage is provided on aconventional electronic apparatus such as a personal computer system(hereinafter, referred to as PC system). This protection mechanism isprovided on the premise that the system knows who is the user andidentifies him or her as an authorized user when he or she logs on thesystem. The identification of the user is normally carried out byidentifying a certain knowledge that the user possesses, a certain thingthat the user possesses or a certain personal feature of the userhimself or herself.

[0005] Entering his or her password is used as the most common means.Moreover, there is a case where a signature pattern is used foridentification of the user. In addition, identification methods usingthe recognition of finger prints, palm prints, hand configurations,retina patterns, voices or the like have been developed as means foridentifying the user on a terminal.

[0006] As is described above, there have been devised various methodsfor protecting a PC system against an illegal usage by a user who isoriginally not authorized to gain access to the system. However, in acase where a password is entered, it has been possible to recordpasswords illegally used but has been difficult to identify the user.

[0007] In order to identify an illegal user, visual information on theexternal appearance of the user is very useful. As is seen fromautomated teller machines, a monitor camera is installed in the vicinityof an automated teller machine as a security system for monitoring themachine. However, since this security system has to be installedseparately from the machine, a certain cost is involved. Moreover,although visual information can be recorded for monitoring, with such asystem, recording is carried out at all times, and therefore, arecording medium of a large capacity is needed.

[0008] Due to this, there is caused a problem when such a securitysystem is adopted for the PC system. In particular, with abattery-operated PC system, the operation time of the system is reducedbecause the battery has to be used as a power source for operating therecording system at all times for recording visual informationcontinuously. Therefore, it is required that the peripheral status ofthe PC system in operation is easily recorded as image information.

[0009] To this end, an object of the present invention is to enable theidentification of an illegal user of a PC system while reducing theconsumption of the resource for the system. Another object of thepresent invention is to enable verification using the PC system withoutusing an application program. A further object of the present inventionis to enable the setting of image information recording not only from aBIOS setup program but also from an operating system or an applicationprogram.

SUMMARY OF THE INVENTION

[0010] With a view to attaining the objects, according to one aspect ofthe present invention, there is provided an electronic apparatuscomprising a first memory which stores at least a parameter representingconditions with respect to the illegal usage of the apparatus and acontrol unit for storing in a second memory image information producedby a photographing device which has photographed a user of the apparatusin the event that the conditions represented by the parameter areestablished.

[0011] Then, the control unit is constructed so as to control the outputof the image information stored in the second memory in accordance withan output direction. Furthermore, the control unit is constructed so asto direct a BIOS setup program to read out the parameter stored in thefirst memory and to record the image information into the second memory.The control unit is further constructed so as to direct an operatingsystem or an application program running on the electronic apparatus toset and modify the parameter stored in the first memory via an interfaceprepared on the BIOS program.

[0012] Additionally, according to the present invention, there isprovided a computer readable recording medium having recorded thereon aprogram for rendering from a computer read out at least the parameterrepresenting conditions with respect to the illegal usage of theelectronic apparatus which is stored in the first memory, determiningwhether or not the conditions are established and stored in the secondmemory image information produced by the photographing device which hasphotographed a user who used the apparatus.

BRIEF DESCRIPTION OF THE DRAWINGS

[0013]FIG. 1 is a schematic block diagram showing the construction of apersonal computer system,

[0014]FIG. 2 is a table showing a specific example of a data area thatis to be held in a memory,

[0015]FIGS. 3A to 3C shows a specific example of a software interfaceprepared by a BIOS setup program,

[0016]FIG. 4 shows a visual display example of the BIOS setup program,

[0017]FIG. 5 shows a specific example of a window displaying imagerecorded information,

[0018]FIG. 6 is a flow chart for processing an entry portion in an imagerecording process when the power is supplied,

[0019]FIG. 7 is a flow chart for processing an entry portion in an imagerecording process when a setup is activated,

[0020]FIG. 8 is a flow chart for processing an entry portion in an imagerecording process when a password is illegally entered,

[0021]FIG. 9 is a flow chart for processing an entry portion in an imagerecording process when resumed, and

[0022]FIG. 10 is a flow chart for image information recording process.

DESCRIPTION OF THE PREFERRED EMBODIMENT

[0023] Referring to the accompanying drawings, an embodiment of thepresent invention will be described. In the description, a PC systemwill be described as representing an electronic apparatus.

[0024]FIG. 1 shows a schematic block structure of a PC system to whichan embodiment according to the present invention is applied. The PCsystem mainly comprises a system controller 1, a display controller 2, adisk controller 3, a keyboard controller 4, an I/O controller 5, and aUSB controller 6 which is an interface via which peripherals connect tothe PC system, and those constituent devices are connected to each othervia a bus. Furthermore, a power supply unit 7 is provided for supplyingpower to the whole PC system.

[0025] The system controller 1 has a CPU 8 and a main memory 9 which isa DRAM, and a hard disk 10 is connected to the disk controller 3. TheI/O controller 5 is provided with a serial port 11, a parallel port 12and a floppy disk drive 13. Connected to the bus are a nonvolatilememory (CMOSRAM) 14 and a flash memory 15 which contains a BIOS, and abackup battery 16 is connected to the nonvolatile memory 14.

[0026] Here, the PC system according to the embodiment of the inventionis characterized in that a camera 17 is connected to the USB controller6. For this camera 17 any type of camera such as a CCD camera or adigital camera may be used as long as it can acquire image data in adigital fashion. Then, when a user uses the PC system, it is a commonpractice that the user faces a display 19 and operates a keyboard 18,and therefore, the orientation of the camera 17 is such that the camera17 faces the user from the display 19 side, and the camera 17 may beinstalled at an end portion or the like of the display 19. Note that thecamera 17 may be placed away from a PC system main body as long as thecamera is installed within a range in which it can reproduce the face orthe like of the user and acquire image data.

[0027] With a notebook-sized personal computer having a CCD camera builttherein, the built-in camera may be used.

[0028] To this end, in the embodiment, even in a case where a person whotries to use the PC system is not originally authorized to gain accessto the system, when the user activates the PC system, the face of theuser is photographed with the camera 17 equipped on the PC system, andthe image is designed to be recorded within the PC system. Then, it caneasily be determined whether or not the user is a right person who isauthorized to gain access to the system (or whether or not the attempteduse is illegal) by validating the face of the user by displaying therecorded image on the display 19 of the PC system. In addition, insteadof displaying it on the display 19, the recorded image may be printedout.

[0029] Photographing the face of the user and recording the photographedimage are timed to happen when the power supply is turned on, the BIOSsetup program is activated, an illegal password is entered, the systemis resumed, or the like.

[0030] Data areas are reserved in the nonvolatile memory 14 and theflash memory 15, respectively, so that image information from the camera17 can be acquired at those timings. A specific example thereof is shownin FIG. 2.

[0031] Stored in the nonvolatile memory 14 are the time of recording, aformat for image information to be recorded and setting information forcontrolling the mode of writing image information.

[0032] A parameter 1 is intended to control the timing to record imageinformation, and the storage size thereof is 1 byte. The parameter 1stores data for directing the BIOS program to record image informationwhen the power supply is turned on, the system is resumed, the BIOSsetup program is activated, and an illegal password is entered, inresponse to a value.

[0033] A parameter 2 is intended to control a format for imageinformation to be recorded, and the storage size thereof is 1 byte. Theparameter 2 stores data for designating to the BIOS program the numberof pixels and colors for image information to be recorded, in responseto a value.

[0034] A parameter 3 is intended to control the mode of writing imageinformation, and the storage size thereof is 1 byte. The parameter 3stores data for directing the BIOS program to overwrite or append imageinformation, in response to a value.

[0035] Then, the flash memory 15 is an area for storing data on imageinformation to be recorded and is adapted to store an image datamanagement header and image data.

[0036] The image data management header is management information onimage data, and the size thereof is four bytes. The image datamanagement header holds a pointer for the first image data.

[0037] Contained in the image data are a pointer for the next imagedata, time and timing when the image data is recorded, a format for theimage data itself and the data thereof.

[0038] The size of data can be altered by the format. In a case wherethe mode of writing is “appending” mode, there will be a plurality ofimage data. In addition, in order to manage a plurality of image data,individual image data hold pointers for the next image data.

[0039] Next, a software interface will be described which directs theBIOS program in accordance with a value set in the nonvolatile memory14.

[0040]FIGS. 3A to 3C show an example of a software interface to beprepared by the BIOS program.

[0041] The BIOS program prepares a data structure having a specificsignature within a system BIOS area, and an application program is ableto know the position of entry points by embedding entry addresses forrespective interfaces for 32-bit protected mode.

[0042] The application program can execute respective functions bycalling entry points it has found with the same calling interface as Clanguage shown in FIGS. 3A to 3C. Prepared for each interface are afunction to return the current setting and a function to alter thesetting. The BIOS program conducts a return processing or alterationprocessing of the contents stored in the parameters 1 to 3 within thenonvolatile memory 14 shown in FIG. 2.

[0043]FIG. 4 shows an example of the visual display of the BIOS setupprogram.

[0044] Timing to record image information can be set at one or aplurality of occasions out of the following four setup items such as“when the power supply is turned on,” “when the system is resumed,”“when the BIOS setup is activated,” and “when an illegal password isentered,” and in FIG. 4, it is shown that image information is recordedwhen a password is illegally entered. These settings are reflected onthe parameter 1 in the nonvolatile memory 14.

[0045] The “image size,” and the “image colors” are items for setting aformat for image information to be recorded, and the image size isrepresented by the number of pixels, which is 640×480, and the imagecolors is 256. These settings are reflected on the parameter 2 in thenonvolatile memory 14.

[0046] The “recording mode” is an item for setting the mode of writing,and in FIG. 4, it is set to “appending” mode. This setting is reflectedon the parameter 3 in the nonvolatile memory 14.

[0047] The “display recorded image” is intended to display recordedimage information in the BIOS setup program. In this item, a recordedimage display window as shown in FIG. 5 appears on the display of the PCsystems by depressing the enter key on the keyboard 18, where imageinformation is displayed together with the time of recording and timinginformation.

[0048] The “display the previous data” and “display the next data”become selectable when the mode of writing is set to “appending” modeand a plurality of data are recorded, and they can actually be selectedby operating the cursor key and enter key. When the “return” isselected, it is possible to return to the display shown in FIG. 4.

[0049] The “delete recorded image” is intended to delete recorded imageinformation. In this item, image information is deleted by depressingthe enter key.

[0050] Next, FIGS. 6 to 9 show processing flows for an entry portion ofa recording process of image information. In any case, the BIOS programis designed to obtain the parameter 1 stored in the nonvolatile memory14, determine whether or not an image recording process is needed, callan image information recording process program when it determines thatthe recording process is needed.

[0051]FIG. 6 shows a processing flow at the entry portion in the eventthat image information is recorded when the power supply turned on. Inthis case, when the user switches on the power supply with a view toactivating the PC system, image information is automatically recorded.Then, the user of the PC system can be verified afterwards by displayingthe recorded information on the display.

[0052] First of all, when the power supply is turned on with a view toactivating the PC system, the BIOS program is activated, and thenonvolatile memory 14 is scanned. When this occurs, the set items on theparameter 1 are read, whereby the parameter 1 is obtained. In the caseof the example shown in FIG. 4, in the parameter 1 obtained, the imageis set “to be recorded” when an illegal password is entered, and sincethe image is set “not to be recorded” when the power supply is turned on(step S2), no record is needed (N) when the power supply is turned on,whereby the PC system activating process continues without recording aperipheral image.

[0053] Processing at the time of activation for setup shown in FIG. 7 issimilar to the process shown in FIG. 6 which is carried out when thepower supply is turned on. In the case of the example shown in FIG. 4,recording is not required at the time of activation for setup (N in stepS4), and the PC system activating process continues without recording aperipheral image.

[0054]FIG. 8 shows a process to be carried out when a password isillegally entered. Obtaining the parameter 1 in step S1 in this case issimilar to the process in step S1 shown in FIGS. 6 and 7. In the case ofthe example shown in FIG. 4, since the image is set “to be recorded”when the password is illegally entered (step S5), it is determined thata peripheral image needs to be recorded (Y), an image informationrecording process is started (step S3).

[0055] Although the image information recording process will bedescribed in detail later on, a peripheral image such as the face of theuser is obtained from the camera 17 via the USB controller 6, and theobtained information is recorded in the aforesaid flash memory 15.

[0056] The processes shown in FIGS. 6 to 8 are executed mainly inrelation to the setup of the PC system, but apart from that, aperipheral image can also be recorded when the PC system is resumed, asshown in FIG. 9.

[0057] A process in step S1 is similar to the process in step S1 shownin FIGS. 6 to 8, respectively. Then, in the event that in the parameter1 obtained in step S1, the image is set to be recorded when the systemis resumed, it is determined that a peripheral image needs to berecorded when the system is resumed (Y), a image information recordingprocess in step S3 is executed. If the case is such as the example shownin FIG. 4, it is determined that no recording is needed (N), the processafter the system is resumed continues.

[0058] Here, a detailed flow of the image information recording processin step S3 shown in FIGS. 6 to 9 is shown in FIG. 10.

[0059] When it is determined that a peripheral image needs to berecorded, first of all, the contents of the format for a peripheralimage to be recorded are obtained from the parameter 2 stored in thenonvolatile memory 14 (step S1). In the example shown in FIG. 4, thesize of an image and the number of colors of an image are designated,respectively, as the number of pixels of 640×480 and 256 colors. Thesedesignations are read out of the parameter 2.

[0060] In order to obtain image information in the designated format,the camera 17 is properly controlled and initialized from the systemcontroller 1 via the USB controller 6 (step S12).

[0061] When the initialization of the camera 17 is completed, the camera17 is directed to capture image information (step S13). When the imageinformation has been captured, the photographed image information insidethe camera 17 is read out on the main memory 8 to be captured.

[0062] Image data is prepared based on the obtained image informationand is then stored in the flash memory 15 (step S14). The time andtiming of recording and format information are stored on the image datatogether. Additionally, the image data is compressed as required.

[0063] Here, the parameter 3 stored in the nonvolatile memory 14 isobtained (step S15). In this step, the mode of writing the preparedimage data is read out, and whether or not the writing mode isdesignated as “appending” is checked (step S16).

[0064] As with the example shown in FIG. 4, in the event that therecording mode is set as “appending” mode (Y), the newly prepared imagedata is inserted at the front of the image data already recorded. Thisis implemented by storing a pointer stored in the pointer for theleading image data of the management header in a pointer for the nextimage data stored in the image data at the time of insertion (step S17).

[0065] Then, the pointer for the leading image data of the image datamanagement header is altered by replacing the pointer for the leadingimage data with the pointer for the newly prepared image data (stepS20).

[0066] On the other hand, in step S16, in the event that it isdetermined that the writing mode on the parameter 3 is designated as“overwriting” mode (N), 0 is stored in the pointer for the next imagedata stored in the prepared image data (step S18). Here, 0 denotes thatthere is no following data.

[0067] At this point, the image data is deleted which is pointed by thepointer for the leading image data of the management header (step S18).After the image data is deleted, as in the case with “appending” mode,the flow advances to step S20, the pointer for the leading image data ofthe management header is replaced by the pointer for the newly preparedimage data.

[0068] As has been described heretofore, according to the presentinvention, the peripheral image is designed to be automatically obtainedthrough the camera provided in the vicinity of the PC system so as to berecorded in the memory at the timing or timings selected from thetimings when the power supply associated with the PC system is turnedon, when the BIOS setup program is activated, when an illegal passwordis entered, and when the system is resumed.

[0069] Note that in the flow for the image information recording processshown in FIG. 10, in step S12, the camera is initialized in accordancewith the parameters stored in the nonvolatile memory, and thereafter instep S13, the camera is directed to capture image information.

[0070] However, in a case where the present invention is carried outusing a camera of the type in which an image is sent to a PC in areal-time manner, a parameter corresponding to the format for the imagesent out from the camera may be designed to be stored in advance in thenonvolatile memory.

[0071] Then, it may be configured such that a capturing process of theimage being sent out of the camera is executed instead of theinitialization process of the camera in step S12 and the directingprocess of the camera to capture the image information into the camerain step S13. Image signals being sent out are recorded in the memory asa still image in accordance with the recording timing of the parameters.Additionally, it is also possible to have the image informationphotographed by the camera retained temporally for a certain period oftime, so that a still image of the retained image information iscaptured in the PC in accordance with the recording timing of theparameters.

[0072] Thus, the peripheral image information photographed by the camerais automatically captured in the PC.

[0073] Note that apart from the aforesaid recording timings, therecording timing of peripheral image information may be set to anoptional recording timing determined by the user authorized to accessthe system. For example, peripheral image information is captured atcertain time intervals.

[0074] Additionally, in the embodiment above, while the image data ofthe peripheral image information is designed to be stored in the flashmemory used by the BIOS program, in a case where the memory capacitybecomes low due to the additional peripheral image information, a flashmemory of a large capacity may be used. The peripheral image informationmay be stored in another nonvolatile memory. In addition, a volatilememory fed by a backup battery may be used.

[0075] Furthermore, while in the embodiment the separate recordingdevices are used for the nonvolatile memory for recording the recordingtiming and the flash memory for recording image data, it may beconfigured such that a single recording device is shared.

[0076] With the configuration according to the present invention, thesecurity countermeasures against theft and illegal access by recordingperipheral image information including the user are information usefulfor identification of the user who illegally used the system. Inaddition, the application of the present invention is not limited to thePC system as disclosed in the embodiment but the invention may beapplied to any other types of electronic apparatuses.

[0077] Moreover, since there is no need to prepare a specific operatingsystem and application program in order to record peripheral imageinformation including the user, the use and service for maintenance ofthe apparatus can be eased.

[0078] Furthermore, the configuration parameter for the recording (ex.the recording mode) can be set at an application program level utilizinga GUI on the operating system with which the user is familiar. This willease the system management like a remote maintenance or the like.

[0079] According to the present invention, since the peripheral imageinformation surrounding the user is recorded only when an illegal use ofthe system is identified, there is no risk of the resource of theapparatus being wasted purposelessly. Additionally, the operation of theapparatus can be simplified such that the recorded peripheral imageinformation can be validated without using a specific operating systemand application program, and that the configuration parameters for therecording of peripheral image information can be set from not only theBIOS setup program but also the operating system or the applicationprogram.

What is claimed is:
 1. An electronic apparatus comprising; a firstmemory having stored therein a parameter for representing at leastconditions of an illegal use of said apparatus, and a control unit whichstores in a second memory image information from a photographing devicewhich has photographed the user when said conditions represented by saidparameter are established.
 2. An electric apparatus as set forth inclaim 1, wherein said control unit controls the output of said imageinformation stored in said second memory in accordance with an outputdirection.
 3. An electronic apparatus as set forth in claim 1, whereinsaid control unit directs a BIOS setup program to read out saidparameter in said first memory and to record said image information insaid second memory.
 4. An electronic apparatus as set forth in claim 3,wherein said control unit directs an operating system or an applicationprogram running on said apparatus to set and alter said parameter insaid first memory via an interface prepared on said BIOS program.
 5. Anelectronic apparatus as set forth in claim 3, wherein said control unitdirects said BIOS program to output said image information recorded insaid second memory through said operating system or said applicationprogram.
 6. An electronic apparatus as set forth in claim 1, wherein assaid parameter recording timing representing conditions for obtainingimage information is selected, set and stored in said first memory. 7.An electronic apparatus as set forth in claim 1, wherein a image datamanagement header, a recording time, a recording timing, a recordingformat and image data which are in relation to said image informationare recorded in said second memory.
 8. An electronic apparatus as setforth in claim 6, wherein said recording timing of said imageinformation takes place when the power supply for said apparatus isturned on.
 9. An electronic apparatus as set forth in claim 6, whereinsaid recording timing of said image information takes place when saidBIOS setup program is activated.
 10. An electronic apparatus as setforth in claim 6, wherein said recording timing of said imageinformation takes place when said apparatus is resumed.
 11. Anelectronic apparatus as set forth in claim 6, wherein said recordingtiming of said image information takes place when an illegal password isentered in said apparatus.
 12. An electronic apparatus as set forth inclaim 6, wherein an image information acquiring format and writing modeare selected, set and stored in said first memory as said parameter. 13.An electronic apparatus as set forth in claim 12, wherein the mode ofwriting said image data into said second memory is of an overwriting oran appending mode.
 14. A computer readable recording medium having aprogram recorded therein for render a computer execute; reading out aparameter stored in a first memory which represents at least conditionsfor an illegal use of said computer or electronic apparatus, determiningon the establishment of said conditions, and in the event that saidconditions are established, storing in a second memory image informationby a photographing device which has photographed the user of saidelectronic apparatus.
 15. A recording medium as set forth in claim 14having stored therein a program for controlling the output of said imageinformation stored in said second memory in accordance with an outputdirection.
 16. A recording medium as set forth in claim 14 having storedtherein a program for directing a BIOS setup program to read out saidparameter in said first memory and to record said image information insaid second memory.
 17. A recording medium as set forth in claim 16having stored therein a program for directing an operating system or anapplication program running on said apparatus to set and alter saidparameter in said first memory via an interface prepared on said BIOSprogram.
 18. A recording medium as set forth in claim 16 having storedtherein a program for directing said BIOS program to output said imageinformation recorded in said second memory through said operating systemor said application program.
 19. A recording medium as set forth inclaim 16 having stored therein a program for recording in said secondmemory a image data management header, a recording time, a recordingtiming, a recording format and image data which are in relation to saidimage information.
 20. A recording medium as set forth in claim 16having stored therein a program for selecting and setting said recordingtiming of said image information from timings when the power supply forsaid apparatus is turned on, when said BIOS setup program is activated,when said apparatus is resumed and when an illegal password is enteredin said apparatus.
 21. A recording medium as set forth in claim 16having stored therein a program for selecting, setting and storingrecording timing, a format and a writing mode each representingconditions for obtaining image information in said first memory.
 22. Arecording medium as set forth in claim 16 having stored therein aprogram wherein the mode of writing said image data into said secondmemory is of an overwriting or an appending mode.
 23. An imageinformation control method comprising the steps of; reading out aparameter representing at least conditions for an illegal use of anapparatus stored in a first memory, determining on the establishment ofsaid conditions, and storing image information by a photographing devicewhich has photographed the user of said apparatus when said conditionsare established.
 24. An image information control method as set forth inclaim 23, wherein a BIOS setup program is directed to read out saidparameter in said first memory and to record said image information insaid second memory.
 25. An image information control method as set forthin claim 24, wherein an operating system or an application programrunning on said apparatus is directed to set and alter said parameter insaid first memory via an interface prepared on said BIOS program.
 26. Animage information control method as set forth in claim 24, wherein saidBIOS program is directed to output said image information recorded insaid second memory through said operating system or said applicationprogram.
 27. An image information control method as set forth in claim23, wherein a image data management header, a recording time, arecording timing, a recording format and image data which are inrelation to said image information are recorded in said second memory.28. An image information control method as set forth in claim 24,wherein said recording timing of said image information can be selectedand set from any one or a plurality of timings of those when the powersupply for said apparatus is turned on, when said BIOS setup program isactivated, when said apparatus is resumed and when an illegal passwordis entered in said apparatus.
 29. An image information control method asset forth in claim 23, wherein a format and a writing mode eachrepresenting conditions for obtaining image information are selected,set and stored in said first memory.
 30. An image information controlmethod as set forth in claim 29, wherein the mode of writing said imagedata into said second memory is of an overwriting or an appending mode.